package com.XinYun.Library.modules.show.dao;

import cn.hutool.core.lang.Assert;
import com.XinYun.Library.utils.SqlUtils.DruidUtil;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Scanner;

public class sql {
    private static void security(String sql) throws SQLException {
        //sql语句·检测，调用了HuTools的Assert
        Assert.notBlank(sql, "sql语句不能为空！");
        sql = sql.trim();
        String tag = new Scanner(sql).next();
        if (tag.equalsIgnoreCase("SELECT") ||
                tag.equalsIgnoreCase("UPDATE") ||
                tag.equalsIgnoreCase("INSERT") ||
                tag.equalsIgnoreCase("DELETE")) {
        } else {
            throw new SQLException("请不要输入CRUD以外语句");
        }
    }

    public static ResultSet select1(String sql1, String bookname) throws SQLException {
        Connection connection = DruidUtil.getConnection();
        PreparedStatement preparedStatement = connection.prepareStatement(sql1);
        //对问号传参
        preparedStatement.setString(1, bookname);
        ResultSet resultSet1 = preparedStatement.executeQuery();
        return resultSet1;
    }

    public static ResultSet select2(String sql2, String bookname) throws SQLException {
        Connection connection = DruidUtil.getConnection();
        PreparedStatement preparedStatement = connection.prepareStatement(sql2);
        //对问号传参
        preparedStatement.setString(1, bookname);
        ResultSet resultSet2 = preparedStatement.executeQuery();
        return resultSet2;
    }
}

